Monday, August 18, 2014

Block HTTPS websites like Facebook

How to block HTTPS websites (e.g. Facebook) with pfSense
I'll block the Facebook website (HTTPS) as an example.

You can watch the video version of this tutorial here.



To block HTTPS websites like Facebook, you need to:

1. PING the Facebook website and get the IP.




Try to PING www.facebook.com / fb.com / facebook.com. It will give different results depending on your location. Take note of the REPLY FROM IP. In the picture above it says REPLY FROM 31.13.68.49 and REPLY FROM 173.252.110.27.

Do the above instruction many times. Yes, repeat it a lot to make sure that you get all the possible IPs. Be patient, OK?

You can try different ways and methods; just keep in mind that your target at this point is to GET ALL POSSIBLE IPs of Facebook for your location.


2. Create an ALIAS with the FB IPs in it

  --- On your pfSense WebGUI, go to FIREWALL >> ALIASES
  --- Create a new alias. Give it a name (FBblock) and a description
  --- Type is NETWORKS
  --- Enter the Facebook IPs that you have from STEP 1 above
  --- SAVE >> APPLY SETTINGS




3. Make a LAN RULE that will block the IPs in your alias

  --- Go to FIREWALL >> RULES >> CREATE new rule
  --- Action = BLOCK
  --- Interface = LAN
  --- TCP/IP version = IPv4
  --- Protocol = TCP/UDP
  --- Destination =
        Type: Single host or alias
        Address: FBblock (the alias name that you created in step 2)
  --- Save. Apply settings




That's it! As easy as that! You are done. The FACEBOOK website should be inaccessible or blocked by now, even the HTTPS one.
I hope it works for you ;)



Don't forget to SAVE or APPLY SETTINGS every time you make changes. Sometimes you also need to reboot your pfSense for the changes to take effect.

"Hey WAIT! HOW CAN I MAKE MYSELF ACCESS FACEBOOK WHILE OTHERS ARE BLOCKED??!"
Maybe that's your next question... Am I right? :D ;)


If you want your PC and your friends' PCs to bypass the Facebook block rule, you need to:

4. Create a new alias with the IPs of the "GoodPCs" (selected PCs that bypass the block rule)

  --- Create a new alias, give it a name and a description
  --- Type = HOST
  --- Add a new host and enter the IPs of your "GoodPCs"
  --- Save, Apply Changes



5. Go to FIREWALL >> RULES and edit the LAN rule to block FB that you created earlier in step 3 above

  --- Just add SOURCE = Allow_this_IP (the alias name you created in step 4)
  --- Check NOT. Don't miss this: go check NOT (use this option to invert the sense of the match)
  --- That's it. Save. Apply changes. Reboot if needed.




You should see something like this on your RULE > LAN



The "GoodPCs", or the selected IPs that you defined in your step 4 alias, should be able to access the Facebook website now.
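To check what the rule from steps 3 and 5 does and does not match, here is an added example (not part of the original post) that collects the step 1 addresses and runs a simplified first-match model of the LAN tab. The sample ping output, the GoodPCs addresses and the allow rule sitting below the block rule are assumptions.

```python
import ipaddress
import re

# Constructed sample of Windows ping output using the two addresses from the post.
PING_OUTPUT = """\
Pinging www.facebook.com [31.13.68.49] with 32 bytes of data:
Reply from 31.13.68.49: bytes=32 time=41ms TTL=54
Reply from 31.13.68.49: bytes=32 time=40ms TTL=54
Pinging facebook.com [173.252.110.27] with 32 bytes of data:
Reply from 173.252.110.27: bytes=32 time=210ms TTL=48
"""
GOOD_PCS = ["192.168.1.10", "192.168.1.11"]  # hypothetical LAN hosts (step 4 alias)


def collect_reply_ips(text):
    """Step 1: unique 'Reply from' IPv4 addresses, in first-seen order."""
    unique = []
    for ip in re.findall(r"Reply from (\d{1,3}(?:\.\d{1,3}){3})", text):
        if ip not in unique:
            unique.append(ip)
    return unique


def in_alias(addr, alias):
    """True if addr is inside any host or network entry of the alias."""
    ip = ipaddress.ip_address(addr)
    nets = (ipaddress.ip_network(entry) for entry in alias)
    return any(ip.version == n.version and ip in n for n in nets)


def lan_action(src, dst, proto, fb_block, good_pcs):
    """Simplified first-match evaluation of the LAN tab."""
    # Rule from steps 3 and 5: block IPv4 TCP/UDP, source NOT good_pcs, dest fb_block.
    if (ipaddress.ip_address(dst).version == 4
            and proto in ("tcp", "udp")
            and not in_alias(src, good_pcs)
            and in_alias(dst, fb_block)):
        return "block"
    # Assumed to sit below it: the stock "allow LAN to any" rule.
    return "pass"


if __name__ == "__main__":
    fb = collect_reply_ips(PING_OUTPUT)
    for pkt in [("192.168.1.50", fb[0], "tcp"), ("192.168.1.10", fb[0], "tcp"),
                ("192.168.1.50", fb[0], "icmp"), ("192.168.1.50", "31.13.68.50", "tcp")]:
        print(pkt, "->", lan_action(*pkt, fb, GOOD_PCS))
```

The last packet passes because 31.13.68.50 was never added to the alias, which is why step 1 asks you to collect every address you can find.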




Does it work? Let me know... 
Use the comment box below. Thanks 

